ietf-openpgp
[Top] [All Lists]

Re: How to handle photoID on keyserver? (Re: photo support?)

2002-07-01 21:59:13

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Subject: Re: How to handle photoID on keyserver?  (Re: photo support?) 

PGP doesn't use images anywhere near this size.  David Shaw
suggested that GnuPG will accept any size image, but even so,
I doubt that many people will attach such a large image
to their key.  [I might suggest that GnuPG refuse large
images by default, perhaps overridden with its "-expert" flag.]

I'd also guess that a 3% usage rate is very high.  The vast
majority of the keys on the public servers don't have any
signatures (other than self-).

  Someone who is not owner of that public key can put public key
  with PhotoID into public keyserver.  And everyone can get someone's
  public key with PhotoID.

Yes, anyone can post a key claiming any identity.  This is
really nothing new.

If you're worried about people attaching bogus identities to
established keys, your keyserver could reject those without
self-signatures.  (Most of the keyservers do no verification
at all right now, so this would be a significant change.)

And yes, you could reject photoID packets (and any associated
signatures) if you think size is a problem.  (Even if you
reject them, I would encourage you to leave them in your
sync stream to other keyservers, as they may have a more
permissive policy.)

I mean if dump key size is 15GB, HDD size is required 60GB at least.

I'm curious as to why this would be.  I can understand some
blowup because of indexing structures, but since you aren't
indexing the photoID packets anyway, I wouldn't expect the
same factor you have now.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQA/AwUBPSEy61MkvpTT8vCGEQIkYQCdEFBasKHCOGY8Avnh53CXDEbdLHcAn0Ff
LL+/kSzUo5R3jN1mXDBCcoco
=jAKp
-----END PGP SIGNATURE-----



<Prev in Thread] Current Thread [Next in Thread>